Creating Policies

This document applies only to the Nightfall Firewall for AI customers. If you are a Nightfall SaaS application customer, refer to this document.

Policies allow customers to create templates for their most common workflows by unifying a set of Detection Rules with the actions to be taken when those rules are triggered, including:

automated actions such as redaction of findings
alerting through webhooks

Once defined, a Policy may be used in requests to the Nightfall API, such as calls to scan file uploads, though automated redactions are not available for uploaded files at this time.

To create a policy:

Log in to Nightfall.
Click Overview under the Firewall for AI section.

Click Create Policy.

The policy creation page is displayed as follows.

If you click the Policies button under the Setting Up section, you need to execute a couple of additional steps to reach the policy creation page, as displayed in the following image.

Enter a name for the policy.
(Optional) Enter a Description for the policy.
Click + Detection rule to add a Detector rule to the policy.
Select the check box of the Detector rules that you wish you add to the Policy.

Select the Redact Violations check box to mask sensitive information found in your transmitted data.
Select one of the alerting method available.
- Click + Application Webhook to add the URL of a webhook that needs to be notified. See Configuring Webhook Alerts to learn more.
- Click + HTTP Alerts to configure a website as alert notification channel.
- Click + Email to notify recipients through an Email.
- Click + Slack to select a Slack channel to which the alerts must be sent.
Click Save Policy.

Configuring Webhook Alerts

When you click + Application Webhook, the following window is displayed.

If you have custom headers you would like to add to requests sent to the Webhook URL, you can do this from the overlay that appears when you click the "+ Webhook" button on the policy creation and edit page. These headers may be used for the purpose of authentication as well as integrating with Security Incidents and Event Management (SIEMs) or similar tools that aggregate content through HTTP event collection.

Click the "Add Header" button to add your custom headers.

Once your header key and value is entered you may obfuscate it by clicking on the "lock" icon next to the value field for the header. Click the "Save" button to persist your changes to the headers.

When you have completed configuring your Webhook URL and Headers, click the "Save" button.

🚧Limits On Webhook Headers
It is currently not possible to configure headers for webhooks programmatically when defining policies through the API.

After you click the "Save Policy" button, your policy should be immediately available for use. You can refer to the API Docs for the comprehensive list of endpoints that support policy UUIDs.

PreviousCreating Detection Rules NextAlerting

Last updated 3 months ago